CVE-2021-29653

HIGH7.5EPSS 0.10%

Published: 3/6/2024Modified: 4/3/2025

Description

HashiCorp Vault and Vault Enterprise 1.5.1 and newer, under certain circumstances, may exclude revoked but unexpired certificates from the CRL. Fixed in 1.5.8, 1.6.4, and 1.7.1.

Affected packages (1)

Bitnami/vault>= 1.5.1, < 1.5.8, >= 1.6.0, < 1.6.4, >= 1.7.0, < 1.7.1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References (2)

WEBhttps://discuss.hashicorp.com/t/hcsec-2021-09-vault-s-pki-engine-crl-may-exclude-revoked-but-unexpired-certificates-after-tidy/23461/2
WEBhttps://nvd.nist.gov/vuln/detail/CVE-2021-29653